mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

temp

Browse Source
This commit is contained in:
mjallen18
2025-09-22 07:48:44 -05:00
parent 0a40f7712a
commit aa0d09d3c9
12 changed files with 469 additions and 366 deletions
Download Patch File Download Diff File Expand all files Collapse all files

327
flake.lock generated
View File

@@ -30,11 +30,11 @@
"uv2nix": "uv2nix"
},
"locked": {
"lastModified": 1757062396,
"narHash": "sha256-403iuoMVVjk64sF1GgZfrRwOnVU1H14sflE+LNp927c=",
"lastModified": 1758177015,
"narHash": "sha256-PCUWdbaxayY3YfSjVlyddBMYoGvSaRysd5AmZ8gqSFs=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "22827e9a0cc002a076ee8bd14c3433ebc6c87f95",
"rev": "4c626ed84cc0f1278bfba0f534efd6cba2788d75",
"type": "github"
},
"original": {
@@ -46,16 +46,16 @@
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1755873658,
"narHash": "sha256-5l1g55b0xozGg0NaZFimiO5JbHGcudaNSEn1/XsweaU=",
"lastModified": 1758035356,
"narHash": "sha256-DkvxDwHCfSqEpZ9rRXNR8MP0Mz/y1kHAr38exrHQ39c=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "dd7c6b29d950664deadbcf5390272619a8bf9a5e",
"rev": "680feaefa17934471a6b33ebc35caf5b64120404",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2025.8.1",
"ref": "version/2025.8.3",
"repo": "authentik",
"type": "github"
}
@@ -86,11 +86,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1757332942,
"narHash": "sha256-tew9nur/P2qC08OgvaMMLdIq+rD539C+GloCQYwi26o=",
"lastModified": 1758033778,
"narHash": "sha256-oQH2wLOWLFHXT3NE+gcsFOX+Pq40bKjlOH1xw0wcmT8=",
"owner": "chaotic-cx",
"repo": "nyx",
"rev": "dc4ba8b14671326b3cad2652d8028d3379b675bb",
"rev": "b3efa297b9c6a9e55a44f3b6905d55f80738704f",
"type": "github"
},
"original": {
@@ -136,35 +136,16 @@
"type": "github"
}
},
"crowdsec": {
"darwin": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1752497357,
"narHash": "sha256-9epXn1+T6U4Kfyw8B9zMzbERxDB3VfaPXhVebtai6CE=",
"ref": "refs/heads/main",
"rev": "84db7dcea77f7f477d79e69e35fb0bb560232667",
"revCount": 42,
"type": "git",
"url": "https://codeberg.org/kampka/nix-flake-crowdsec.git"
},
"original": {
"type": "git",
"url": "https://codeberg.org/kampka/nix-flake-crowdsec.git"
}
},
"darwin": {
"inputs": {
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1757130842,
"narHash": "sha256-4i7KKuXesSZGUv0cLPLfxbmF1S72Gf/3aSypgvVkwuA=",
"lastModified": 1758447883,
"narHash": "sha256-yGA6MV0E4JSEXqLTb4ZZkmdJZcoQ8HUzihRRX12Bvpg=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "15f067638e2887c58c4b6ba1bdb65a0b61dc58c5",
"rev": "25381509d5c91bbf3c30e23abc6d8476d2143cd1",
"type": "github"
},
"original": {
@@ -180,11 +161,11 @@
]
},
"locked": {
"lastModified": 1757255839,
"narHash": "sha256-XH33B1X888Xc/xEXhF1RPq/kzKElM0D5C9N6YdvOvIc=",
"lastModified": 1758287904,
"narHash": "sha256-IGmaEf3Do8o5Cwp1kXBN1wQmZwQN3NLfq5t4nHtVtcU=",
"owner": "nix-community",
"repo": "disko",
"rev": "c8a0e78d86b12ea67be6ed0f7cae7f9bfabae75a",
"rev": "67ff9807dd148e704baadbd4fd783b54282ca627",
"type": "github"
},
"original": {
@@ -293,11 +274,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1754487366,
"narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"lastModified": 1756770412,
"narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"rev": "4524271976b625a4a605beefd893f270620fd751",
"type": "github"
},
"original": {
@@ -364,7 +345,7 @@
},
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils_6"
"flake-utils": "flake-utils_5"
},
"locked": {
"lastModified": 1715533576,
@@ -394,8 +375,9 @@
"type": "github"
},
"original": {
"id": "flake-utils",
"type": "indirect"
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
@@ -438,24 +420,6 @@
"inputs": {
"systems": "systems_5"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_6": {
"inputs": {
"systems": "systems_6"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
@@ -521,11 +485,11 @@
]
},
"locked": {
"lastModified": 1757075491,
"narHash": "sha256-a+NMGl5tcvm+hyfSG2DlVPa8nZLpsumuRj1FfcKb2mQ=",
"lastModified": 1757920978,
"narHash": "sha256-Mv16aegXLulgyDunijP6SPFJNm8lSXb2w3Q0X+vZ9TY=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f56bf065f9abedc7bc15e1f2454aa5c8edabaacf",
"rev": "11cc5449c50e0e5b785be3dfcb88245232633eb8",
"type": "github"
},
"original": {
@@ -541,11 +505,11 @@
]
},
"locked": {
"lastModified": 1757256385,
"narHash": "sha256-WK7tOhWwr15mipcckhDg2no/eSpM1nIh4C9le8HgHhk=",
"lastModified": 1758464306,
"narHash": "sha256-i56XRXqjwJRdVYmpzVUQ0ktqBBHqNzQHQMQvFRF/acQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f35703b412c67b48e97beb6e27a6ab96a084cd37",
"rev": "939e91e1cff1f99736c5b02529658218ed819a2a",
"type": "github"
},
"original": {
@@ -557,11 +521,11 @@
"homebrew-cask": {
"flake": false,
"locked": {
"lastModified": 1757358304,
"narHash": "sha256-EDDXyPt98zfJ+25B0u9oXDb+9A/HEQlfrK9UZKxzFBE=",
"lastModified": 1758498617,
"narHash": "sha256-z54nOZTorZH0K1rHgfDXB2c9/H5hFqh0TYm5pgW924k=",
"owner": "homebrew",
"repo": "homebrew-cask",
"rev": "e4035e701fe0c0296bce7279b3f28f8c8d9942fb",
"rev": "e5dd26082702b3d467a84c50766fdcdfd32006de",
"type": "github"
},
"original": {
@@ -573,11 +537,11 @@
"homebrew-core": {
"flake": false,
"locked": {
"lastModified": 1757356252,
"narHash": "sha256-G/L8+hHInVX3OgTb+Gg0w9hPpTo3hKzuHPM5iKnOu+E=",
"lastModified": 1758500263,
"narHash": "sha256-zz8DFHZGJbhgwZbLkLOlj3AzI00wvS51SX8otGPyGxw=",
"owner": "homebrew",
"repo": "homebrew-core",
"rev": "304e193a9a3989af5388c8ad964a2a872c3372c7",
"rev": "e885969cd983ef8e9fd780a31f6e396b6b15beb4",
"type": "github"
},
"original": {
@@ -610,11 +574,11 @@
]
},
"locked": {
"lastModified": 1757052778,
"narHash": "sha256-rYszJwY0EArAqK6q0i5bB1zxNCNRk6gVmD9SIvnoXW8=",
"lastModified": 1757230583,
"narHash": "sha256-4uqu7sFPOaVTCogsxaGMgbzZ2vK40GVGMfUmrvK3/LY=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "ceaa413a68f28bbf6731464594fdb2c3513e9110",
"rev": "fc3960e6c32c9d4f95fff2ef84444284d24d3bea",
"type": "github"
},
"original": {
@@ -626,7 +590,7 @@
"jovian_2": {
"inputs": {
"nix-github-actions": "nix-github-actions_2",
"nixpkgs": "nixpkgs_6"
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1757230583,
@@ -647,7 +611,7 @@
"crane": "crane",
"flake-compat": "flake-compat_3",
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_7",
"nixpkgs": "nixpkgs_6",
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay_3"
},
@@ -782,11 +746,11 @@
]
},
"locked": {
"lastModified": 1757218147,
"narHash": "sha256-IwOwN70HvoBNB2ckaROxcaCvj5NudNc52taPsv5wtLk=",
"lastModified": 1758427679,
"narHash": "sha256-xwjWRJTKDCjQ0iwfh7WhDhgcS0Wt3d1Yscg83mKBCn4=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "9b144dc3ef6e42b888c4190e02746aab13b0e97f",
"rev": "fd2569ca2ef7d69f244cd9ffcb66a0540772ff85",
"type": "github"
},
"original": {
@@ -797,8 +761,8 @@
},
"nix-plist-manager": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_8"
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1756757912,
@@ -816,15 +780,15 @@
},
"nix-vscode-extensions": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_9"
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1757296711,
"narHash": "sha256-7u9/tXUdmTj8x7ofet8aELLBlCHSoA+QOhYKheRdacM=",
"lastModified": 1758420016,
"narHash": "sha256-xnS4Xp2nvtT+fwIfxz16ikSMs03pV9SpQW80btttVe4=",
"owner": "nix-community",
"repo": "nix-vscode-extensions",
"rev": "ab9374ac8c162dacffcd4400e668fd7f9b6f173a",
"rev": "c55175e19f142be0330b2579d7da043d2f22e324",
"type": "github"
},
"original": {
@@ -835,8 +799,8 @@
},
"nixai": {
"inputs": {
"flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_10"
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1755942173,
@@ -855,7 +819,7 @@
"nixos-apple-silicon": {
"inputs": {
"flake-compat": "flake-compat_4",
"nixpkgs": "nixpkgs_11",
"nixpkgs": "nixpkgs_10",
"treefmt-nix": "treefmt-nix"
},
"locked": {
@@ -874,11 +838,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1757103352,
"narHash": "sha256-PtT7ix43ss8PONJ1VJw3f6t2yAoGH+q462Sn8lrmWmk=",
"lastModified": 1757943327,
"narHash": "sha256-w6cDExPBqbq7fTLo4dZ1ozDGeq3yV6dSN4n/sAaS6OM=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "11b2a10c7be726321bb854403fdeec391e798bf0",
"rev": "67a709cfe5d0643dafd798b0b613ed579de8be05",
"type": "github"
},
"original": {
@@ -918,7 +882,7 @@
"inputs": {
"argononed": "argononed",
"nixos-images": "nixos-images",
"nixpkgs": "nixpkgs_12"
"nixpkgs": "nixpkgs_11"
},
"locked": {
"lastModified": 1756774688,
@@ -936,11 +900,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1756386758,
"narHash": "sha256-1wxxznpW2CKvI9VdniaUnTT2Os6rdRJcRUf65ZK9OtE=",
"lastModified": 1757745802,
"narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dfb2f12e899db4876308eba6d93455ab7da304cd",
"rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1",
"type": "github"
},
"original": {
@@ -952,11 +916,11 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1753579242,
"narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
"lastModified": 1754788789,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6",
"type": "github"
},
"original": {
@@ -999,11 +963,11 @@
},
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1757244434,
"narHash": "sha256-AeqTqY0Y95K1Fgs6wuT1LafBNcmKxcOkWnm4alD9pqM=",
"lastModified": 1758346548,
"narHash": "sha256-afXE7AJ7MY6wY1pg/Y6UPHNYPy5GtUKeBkrZZ/gC71E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "092c565d333be1e17b4779ac22104338941d913f",
"rev": "b2a3852bd078e68dd2b3dfa8c00c67af1f0a7d20",
"type": "github"
},
"original": {
@@ -1014,22 +978,6 @@
}
},
"nixpkgs_10": {
"locked": {
"lastModified": 1751271578,
"narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_11": {
"locked": {
"lastModified": 1755615617,
"narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
@@ -1045,7 +993,7 @@
"type": "github"
}
},
"nixpkgs_12": {
"nixpkgs_11": {
"locked": {
"lastModified": 1756515621,
"narHash": "sha256-cYPwtXNlQ18FBuMVJ4RltuCym2Acy/6O+i/fJ4UnEn8=",
@@ -1061,13 +1009,13 @@
"type": "github"
}
},
"nixpkgs_13": {
"nixpkgs_12": {
"locked": {
"lastModified": 1757068644,
"narHash": "sha256-NOrUtIhTkIIumj1E/Rsv1J37Yi3xGStISEo8tZm3KW4=",
"lastModified": 1758277210,
"narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8eb28adfa3dc4de28e792e3bf49fcf9007ca8ac9",
"rev": "8eaee110344796db060382e15d3af0a9fc396e0e",
"type": "github"
},
"original": {
@@ -1077,13 +1025,13 @@
"type": "github"
}
},
"nixpkgs_14": {
"nixpkgs_13": {
"locked": {
"lastModified": 1754340878,
"narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=",
"lastModified": 1758029226,
"narHash": "sha256-TjqVmbpoCqWywY9xIZLTf6ANFvDCXdctCjoYuYPYdMI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cab778239e705082fe97bb4990e0d24c50924c04",
"rev": "08b8f92ac6354983f5382124fef6006cade4a1c1",
"type": "github"
},
"original": {
@@ -1093,13 +1041,13 @@
"type": "github"
}
},
"nixpkgs_15": {
"nixpkgs_14": {
"locked": {
"lastModified": 1744868846,
"narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=",
"lastModified": 1758262103,
"narHash": "sha256-aBGl3XEOsjWw6W3AHiKibN7FeoG73dutQQEqnd/etR8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c",
"rev": "12bd230118a1901a4a5d393f9f56b6ad7e571d01",
"type": "github"
},
"original": {
@@ -1111,11 +1059,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1757238739,
"narHash": "sha256-ovEq9v+Xc+oQH1zvQo28rT/YVqMQK2TRgUcNanvo2Zk=",
"lastModified": 1758029758,
"narHash": "sha256-fKqsvznISxVSBo6aaiGGXMRiBG4IIuV3sSySxx80pcQ=",
"owner": "PedroHLC",
"repo": "nixpkgs",
"rev": "6d8fca2c92488ff860524dd3400aa90a3310123e",
"rev": "4eb5897225c3d7e78a0b9d1542197ee7c8d270a5",
"type": "github"
},
"original": {
@@ -1142,21 +1090,6 @@
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1752494135,
"narHash": "sha256-c3FvvJVKCcQhSDYaPS3fDO4zcCnvOnfKOZsLqoAa2k4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e1735873e41eb0e1f5272c61c0246269d8f5439b",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1747728033,
"narHash": "sha256-NnXFQu7g4LnvPIPfJmBuZF7LFy/fey2g2+LCzjQhTUk=",
@@ -1172,7 +1105,7 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_5": {
"locked": {
"lastModified": 1756125398,
"narHash": "sha256-XexyKZpf46cMiO5Vbj+dWSAXOnr285GHsMch8FBoHbc=",
@@ -1188,7 +1121,7 @@
"type": "github"
}
},
"nixpkgs_7": {
"nixpkgs_6": {
"locked": {
"lastModified": 1731919951,
"narHash": "sha256-vOM6ETpl1yu9KLi/icTmLJIPbbdJCdAVYUXZceO/Ce4=",
@@ -1204,13 +1137,13 @@
"type": "github"
}
},
"nixpkgs_8": {
"nixpkgs_7": {
"locked": {
"lastModified": 1757068644,
"narHash": "sha256-NOrUtIhTkIIumj1E/Rsv1J37Yi3xGStISEo8tZm3KW4=",
"lastModified": 1758277210,
"narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "8eb28adfa3dc4de28e792e3bf49fcf9007ca8ac9",
"rev": "8eaee110344796db060382e15d3af0a9fc396e0e",
"type": "github"
},
"original": {
@@ -1220,7 +1153,7 @@
"type": "github"
}
},
"nixpkgs_9": {
"nixpkgs_8": {
"locked": {
"lastModified": 1744868846,
"narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=",
@@ -1236,6 +1169,22 @@
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1751271578,
"narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
@@ -1267,14 +1216,14 @@
"inputs": {
"flake-compat": "flake-compat_5",
"gitignore": "gitignore_2",
"nixpkgs": "nixpkgs_14"
"nixpkgs": "nixpkgs_13"
},
"locked": {
"lastModified": 1757239681,
"narHash": "sha256-E9spYi9lxm2f1zWQLQ7xQt8Xs2nWgr1T4QM7ZjLFphM=",
"lastModified": 1758108966,
"narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "ab82ab08d6bf74085bd328de2a8722c12d97bd9d",
"rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b",
"type": "github"
},
"original": {
@@ -1299,11 +1248,11 @@
]
},
"locked": {
"lastModified": 1756087852,
"narHash": "sha256-4jc3JDQt75fYXFrglgqyzF6C6zLU0QGLymzian4aP+U=",
"lastModified": 1757296493,
"narHash": "sha256-6nzSZl28IwH2Vx8YSmd3t6TREHpDbKlDPK+dq1LKIZQ=",
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"rev": "6edb3ae27395cd88be3d64b732d1539957dad59c",
"rev": "5b8e37fe0077db5c1df3a5ee90a651345f085d38",
"type": "github"
},
"original": {
@@ -1320,11 +1269,11 @@
]
},
"locked": {
"lastModified": 1756395552,
"narHash": "sha256-5aJM14MpoLk2cdZAetu60OkLQrtFLWTICAyn1EP7ZpM=",
"lastModified": 1757246327,
"narHash": "sha256-6pNlGhwOIMfhe/RLjHdpXveKS4FyLHvlGe+KtjDild4=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"rev": "030dffc235dcf240d918c651c78dc5f158067b51",
"rev": "8d77f342d66ad1601cdb9d97e9388b69f64d4c8e",
"type": "github"
},
"original": {
@@ -1338,7 +1287,6 @@
"authentik-nix": "authentik-nix",
"chaotic": "chaotic",
"cosmic": "cosmic",
"crowdsec": "crowdsec",
"darwin": "darwin",
"disko": "disko",
"home-manager": "home-manager_2",
@@ -1356,7 +1304,7 @@
"nixos-apple-silicon": "nixos-apple-silicon",
"nixos-hardware": "nixos-hardware",
"nixos-raspberrypi": "nixos-raspberrypi",
"nixpkgs": "nixpkgs_13",
"nixpkgs": "nixpkgs_12",
"nixpkgs-stable": "nixpkgs-stable_3",
"pre-commit-hooks-nix": "pre-commit-hooks-nix_2",
"snowfall-lib": "snowfall-lib",
@@ -1373,11 +1321,11 @@
]
},
"locked": {
"lastModified": 1757125853,
"narHash": "sha256-noKkYHKpT5lpvNSYrlH56d8cedthZfs010Uv6vTqLT4=",
"lastModified": 1757930296,
"narHash": "sha256-Z9u5VszKs8rfEvg2AsFucWEjl7wMtAln9l1b78cfBh4=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "8b70793a6be183536a5d562056dac10b7b36820d",
"rev": "09442765a05c2ca617c20ed68d9613da92a2d96b",
"type": "github"
},
"original": {
@@ -1452,14 +1400,14 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_15"
"nixpkgs": "nixpkgs_14"
},
"locked": {
"lastModified": 1754988908,
"narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"lastModified": 1758425756,
"narHash": "sha256-L3N8zV6wsViXiD8i3WFyrvjDdz76g3tXKEdZ4FkgQ+Y=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"rev": "e0fdaea3c31646e252a60b42d0ed8eafdb289762",
"type": "github"
},
"original": {
@@ -1566,21 +1514,6 @@
"type": "github"
}
},
"systems_6": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
@@ -1609,11 +1542,11 @@
]
},
"locked": {
"lastModified": 1756662192,
"narHash": "sha256-F1oFfV51AE259I85av+MAia221XwMHCOtZCMcZLK2Jk=",
"lastModified": 1758206697,
"narHash": "sha256-/DbPkh6PZOgfueCbs3uzlk4ASU2nPPsiVWhpMCNkAd0=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "1aabc6c05ccbcbf4a635fb7a90400e44282f61c4",
"rev": "128222dc911b8e2e18939537bed1762b7f3a04aa",
"type": "github"
},
"original": {
@@ -1634,11 +1567,11 @@
]
},
"locked": {
"lastModified": 1756466761,
"narHash": "sha256-ALXRHIMXQ4qVNfCbcWykC23MjMwUoHn9BreoBfqmq0Y=",
"lastModified": 1757925761,
"narHash": "sha256-7Hwz0vfHuFqCo5v7Q07GQgLBWuPvZCuf/5/pk4NoADg=",
"owner": "pyproject-nix",
"repo": "uv2nix",
"rev": "0529e6d8227517205afcd1b37eee3088db745730",
"rev": "780494c40895bb7419a73d942bee326291e80b3b",
"type": "github"
},
"original": {

5
flake.nix
View File

@@ -37,8 +37,6 @@
authentik-nix.url = "github:nix-community/authentik-nix";
crowdsec.url = "git+https://codeberg.org/kampka/nix-flake-crowdsec.git";
nixai.url = "github:olafkfreund/nix-ai-help";
disko = {
@@ -108,8 +106,6 @@
modules.nixos = with inputs; [
authentik-nix.nixosModules.default
chaotic.nixosModules.default
crowdsec.nixosModules.crowdsec
crowdsec.nixosModules.crowdsec-firewall-bouncer
disko.nixosModules.disko
impermanence.nixosModules.impermanence
lanzaboote.nixosModules.lanzaboote
@@ -153,7 +149,6 @@
nixos-hardware.nixosModules.common-hidpi
home-manager.nixosModules.home-manager
];
# overlays = with inputs; [ crowdsec.overlays.default ];
};
# ######################################################

1
homes/x86_64-linux/admin@jallen-nas/default.nix
View File

@@ -10,7 +10,6 @@
"nas-nixpkgs"
"nas-authentik-nix"
"nas-cosmic"
"nas-crowdsec"
"nas-home-manager"
"nas-impermanence"
"nas-lanzaboote"

101
modules/nixos/services/crowdsec/default.nix
View File

@@ -12,55 +12,68 @@ in
{
imports = [ ./options.nix ];
config = lib.mkIf cfg.enable {
services = {
crowdsec =
let
yaml = (pkgs.formats.yaml { }).generate;
acquisitions_file = yaml "acquisitions.yaml" {
source = "journalctl";
journalctl_filter = [ "_SYSTEMD_UNIT=sshd.service" ];
labels.type = "syslog";
};
in
{
enable = true;
enrollKeyFile = "${cfg.dataDir}/enroll.key";
settings = {
crowdsec_service.acquisition_path = acquisitions_file;
api.server = {
listen_uri = "0.0.0.0:${toString cfg.port}";
};
};
};
crowdsec-firewall-bouncer = {
services = {
crowdsec = {
enable = true;
openFirewall = true;
hub = {
appSecConfigs = [
"crowdsecurity/appsec-default"
];
appSecRules = [
"crowdsecurity/base-config"
];
collections = [
"crowdsecurity/linux"
"crowdsecurity/traefik"
"firix/authentik"
];
parsers = [
"crowdsecurity/sshd-logs"
];
postOverflows = [
"crowdsecurity/auditd-nix-wrappers-whitelist-process"
];
scenarios = [
"crowdsecurity/ssh-bf"
];
};
localConfig = {
acquisitions = [
{
journalctl_filter = [
"_SYSTEMD_UNIT=sshd.service"
];
labels = {
type = "syslog";
};
source = "journalctl";
}
{
journalctl_filter = [
"_SYSTEMD_UNIT=traefik.service"
];
labels = {
type = "syslog";
};
source = "journalctl";
}
{
journalctl_filter = [
"_SYSTEMD_UNIT=authentik.service"
];
labels = {
type = "syslog";
};
source = "journalctl";
}
];
};
settings = {
api_key = cfg.apiKey;
api_url = "http://${cfg.apiAddress}:${toString cfg.port}";
capi.credentialsFile = cfg.apiKey;
};
};
};
systemd.services.crowdsec.serviceConfig = {
ExecStartPre =
let
script = pkgs.writeScriptBin "register-bouncer" ''
#!${pkgs.runtimeShell}
set -eu
set -o pipefail
if ! cscli bouncers list | grep -q "nas-bouncer"; then
cscli bouncers add "nas-bouncer" --key "${cfg.apiKey}"
fi
'';
in
[ "${script}/bin/register-bouncer" ];
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
allowedUDPPorts = [ cfg.port ];
};
};
}

226
modules/nixos/services/glance/default.nix Normal file
View File

@@ -0,0 +1,226 @@
{ config, lib, namespace, ... }:
let
inherit (lib.${namespace}) mkOpt mkReverseProxyOpt;
cfg = config.${namespace}.services.glance;
in
with lib;
{
options.${namespace}.services.glance = {
enable = mkEnableOption "glance service";
port = mkOpt types.int 80 "Port for glance to be hosted on";
localAddress = mkOpt types.str "127.0.0.1" "local address of the service";
dataDir = mkOpt types.str "" "Path to the data dir";
reverseProxy = mkReverseProxyOpt;
};
config = lib.mkIf cfg.enable {
services.glance = {
enable = true;
openFirewall = true;
settings = {
server = {
host = "0.0.0.0";
port = cfg.port;
};
pages = [
{
name = "Startpage";
width = "default";
hide-desktop-navigation = true;
center-vertically = true;
columns = [
{
size = "small";
widgets = [
{
type = "calendar";
first-day-of-week = "sunday";
}
{
type = "weather";
units = "metric";
hour-format = "12h";
location = "Saint Paul, Minnesota, United States";
}
{
type = "server-stats";
servers = [
{
type = "local";
name = "Jallen-NAS";
cpu-temp-sensor = "/sys/class/hwmon/hwmon2/temp2_input";
mountpoints = {
"/home" = {
name = "Home";
};
"/media/nas/main" = {
name = "nas_pool";
};
};
}
];
}
];
}
{
size = "full";
widgets = [
{
type = "search";
autofocus = true;
search-engine = "duckduckgo";
bangs = [
{
title = "YouTube";
shortcut = "!yt";
url = "https://www.youtube.com/results?search_query={QUERY}";
}
];
}
{
type = "monitor";
cache = "1m";
title = "Services";
sites = [
{
title = "Actual";
url = "https://actual.mjallen.dev/";
icon = "si:actualbudget";
}
{
title = "Jellyfin";
url = "https://jellyfin.mjallen.dev/";
icon = "si:jellyfin";
}
{
title = "Gitea";
url = "https://gitea.mjallen.dev/";
icon = "si:gitea";
}
{
title = "Nextcloud";
url = "https://cloud.mjallen.dev/";
icon = "si:nextcloud";
}
{
title = "Immich";
url = "https://immich.mjallen.dev/";
icon = "si:immich";
}
{
title = "AdGuard Home";
url = "http://10.0.1.2:3000/";
icon = "si:adguard";
allow-insecure = true;
}
{
title = "Home Assistant";
url = "https://hass.mjallen.dev/";
icon = "si:homeassistant";
}
{
title = "Manyfold";
url = "http://10.0.1.3:3214/collections";
icon = "sh:Manyfold";
allow-insecure = true;
}
{
title = "Sonarr";
url = "http://10.0.1.3:8989/";
icon = "si:sonarr";
allow-insecure = true;
basic-auth = {
username = "mjallen";
password = "BogieDudie1";
};
}
{
title = "Radarr";
url = "http://10.0.1.3:7878/";
icon = "si:radarr";
allow-insecure = true;
basic-auth = {
username = "mjallen";
password = "BogieDudie1";
};
}
# {
# title = "";
# url = "";
# icon = "si:";
# }
];
}
{
type = "bookmarks";
groups = [
{
title = "General";
links = [
{
title = "Gmail";
url = "https://mail.google.com/mail/u/0/";
}
{
title = "Proton Mail";
url = "https://mail.proton.me/u/0/inbox";
}
{
title = "MyNixOS";
url = "https://www.mynixos.com/";
}
{
title = "Github";
url = "https://github.com/";
}
];
}
{
title = "Entertainment";
links = [
{
title = "YouTube";
url = "https://www.youtube.com/";
}
{
title = "Prime Video";
url = "https://www.primevideo.com/";
}
{
title = "Disney+";
url = "https://www.disneyplus.com/";
}
];
}
{
title = "Social";
links = [
{
title = "Reddit";
url = "https://www.reddit.com/";
}
{
title = "Twitter";
url = "https://twitter.com/";
}
{
title = "Instagram";
url = "https://www.instagram.com/";
}
];
}
];
}
];
}
];
}
];
};
};
};
}

4
modules/nixos/services/matrix/default.nix
View File

@@ -129,7 +129,7 @@ let
# Create reverse proxy configuration using mkReverseProxy
reverseProxyConfig = lib.${namespace}.mkReverseProxy {
name = "actual";
name = "matrix";
subdomain = cfg.reverseProxy.subdomain;
url = "http://${cfg.localAddress}:${toString cfg.port}";
middlewares = cfg.reverseProxy.middlewares;
@@ -154,7 +154,7 @@ with lib;
options.${namespace}.services.matrix = {
enable = mkEnableOption "matrix service";
port = mkOpt types.int 8008 "Port for Actual to be hosted on";
port = mkOpt types.int 8008 "Port for matrix to be hosted on";
localAddress = mkOpt types.str "127.0.0.1" "local address of the service";

2
modules/nixos/services/matrix/default.nix.conduit
View File

@@ -69,7 +69,7 @@ with lib;
options.${namespace}.services.matrix = {
enable = mkEnableOption "matrix service";
port = mkOpt types.int 8008 "Port for Actual to be hosted on";
port = mkOpt types.int 8008 "Port for matrix to be hosted on";
localAddress = mkOpt types.str "127.0.0.1" "local address of the service";

37
systems/aarch64-linux/pi5/default.nix
View File

@@ -10,12 +10,20 @@
imports = [
./adguard.nix
./boot.nix
./services.nix
./sops.nix
];
${namespace} = {
# ###################################################
# # Impermanence # #
# ###################################################
impermanence.enable = true;
# ###################################################
# # Hardware # #
# ###################################################
hardware = {
disko.enable = true;
raspberry-pi = {
@@ -23,12 +31,33 @@
variant = "5";
};
};
# ###################################################
# # Desktop # #
# ###################################################
desktop.hyprland.enable = false;
# ###################################################
# # User # #
# ###################################################
user = {
name = "matt";
mutableUsers = false;
extraGroups = [ "docker" ];
};
# ###################################################
# # Services # #
# ###################################################
services.home-assistant.enable = true;
# ###################################################
# # Network # #
# ###################################################
network = {
hostName = "pi5";
ipv4 = {
@@ -53,7 +82,11 @@
};
};
};
# ###################################################
# # FileSystems # #
# ###################################################
fileSystems."/data" = {
device = "/dev/disk/bu-uuid/a85420cc-a026-4100-80d2-a999081d792a";
fsType = "bcachefs";

14
systems/aarch64-linux/pi5/services.nix
View File

@@ -1,14 +0,0 @@
{ ... }:
{
services = {
shairport-sync = {
enable = false;
openFirewall = true;
settings = {
general = {
name = "Living Room Speakers";
};
};
};
};
}

11
systems/x86_64-linux/jallen-nas/apps.nix
View File

@@ -87,6 +87,11 @@
};
};
glance = {
enable = true;
port = 5555;
};
free-games-claimer.enable = true;
manyfold.enable = true;
@@ -181,12 +186,6 @@
htpasswdFile = "/media/nas/main/backup/restic/.htpasswd";
extraFlags = [ "--no-auth" ];
};
tabby-web = {
enable = false;
port = 8050;
openFirewall = true;
};
};
};
}

28
systems/x86_64-linux/jallen-nas/default.nix
View File

@@ -4,10 +4,14 @@
{
config,
lib,
pkgs,
namespace,
...
}:
let
inherit (lib.${namespace}) enabled disabled;
in
{
imports = [
./boot.nix
@@ -26,13 +30,13 @@
# # Boot # #
# ###################################################
bootloader.lanzaboote.enable = true;
bootloader.lanzaboote = enabled;
# ###################################################
# # Desktop # #
# ###################################################
desktop.cosmic.enable = false;
desktop.cosmic = disabled;
# ###################################################
# # Development # #
@@ -92,12 +96,6 @@
group = "traefik";
mode = "u=rwx,g=rwx,o=rx";
}
{
directory = "/media";
user = "nas-apps";
group = "jallen-nas";
mode = "u=rwx,g=rx,o=rx";
}
];
};
@@ -105,7 +103,7 @@
# # Monitoring # #
# ###################################################
monitoring.enable = true;
monitoring = enabled;
# ###################################################
# # Network # #
@@ -162,7 +160,7 @@
# # Power # #
# ###################################################
power.ups.enable = true;
power.ups = enabled;
# ###################################################
# # Samba # #
@@ -212,14 +210,14 @@
# # Security # #
# ###################################################
security.tpm.enable = true;
security.tpm = enabled;
# ###################################################
# # Services # #
# ###################################################
services = {
grafana.enable = true;
grafana = enabled;
};
# ###################################################
@@ -250,10 +248,10 @@
fsType = "bcachefs";
mountPoint = "/media/nas/main";
options = [
"noauto"
"noauto"
"nofail"
"x-systemd.mount-timeout=0"
"x-systemd.device-timeout=0"
# "x-systemd.mount-timeout=0"
# "x-systemd.device-timeout=0"
];
};

79
systems/x86_64-linux/nuc-nixos/hardware-configuration.nix
View File

@@ -1,79 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"ahci"
"usbhid"
"uas"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = lib.mkForce {
device = "none";
fsType = "tmpfs";
options = [ "mode=755" ];
};
fileSystems."/boot" = lib.mkForce {
device = "UUID=0FCB-EC63"; # "/dev/disk/by-partlabel/disk-main-ESP";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
fileSystems."/var/log" = lib.mkForce {
device = "UUID=88d9c058-757d-c06e-0fb7-a612f2db8a7a"; # "/dev/disk/by-partlabel/disk-main-root";
fsType = "bcachefs";
options = [ "X-mount.subdir=log" ];
};
fileSystems."/root" = lib.mkForce {
device = lib.mkDefault "UUID=88d9c058-757d-c06e-0fb7-a612f2db8a7a"; # "/dev/disk/by-partlabel/disk-main-root";
fsType = "bcachefs";
options = [ "X-mount.subdir=root" ];
};
fileSystems."/etc" = lib.mkForce {
device = lib.mkDefault "UUID=88d9c058-757d-c06e-0fb7-a612f2db8a7a"; # "/dev/disk/by-partlabel/disk-main-root";
fsType = "bcachefs";
options = [ "X-mount.subdir=etc" ];
};
fileSystems."/nix" = lib.mkForce {
device = lib.mkDefault "UUID=88d9c058-757d-c06e-0fb7-a612f2db8a7a"; # "/dev/disk/by-partlabel/disk-main-root";
fsType = "bcachefs";
options = [
"X-mount.subdir=nix"
"verbose"
];
};
fileSystems."/home" = lib.mkForce {
device = lib.mkDefault "UUID=88d9c058-757d-c06e-0fb7-a612f2db8a7a"; # "/dev/disk/by-partlabel/disk-main-root";
fsType = "bcachefs";
options = [ "X-mount.subdir=home" ];
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}